summaryrefslogtreecommitdiff
path: root/lib/VNDB/Util/Auth.pm
AgeCommit message (Expand)AuthorFilesLines
2019-10-10rewards: Apply supporters badge and unicode name (almost) everywhereYorhel1-2/+2
2019-09-18v2rw: Convert authentication code to VNWeb::AuthYorhel1-130/+31
2019-09-12Add VNDB::Config module and unified conf.pl config fileYorhel1-1/+1
2019-05-16Actually make Unicode passwords workYorhel1-1/+1
2019-05-16Add password dictionary checkYorhel1-2/+3
2016-11-27SQL: Use separate role for the website + disallow access to user dataYorhel1-70/+70
2016-01-20L10N: Intern all VNDB::Util::* stuffYorhel1-7/+3
2016-01-10Require current password on /u+/edit + only hash password once on /u+/setpassYorhel1-13/+22
2015-11-01Removed support for sha256-hashed passwordsYorhel1-21/+2
2015-09-20Use the new reqQuery() + update usage of reqPath() for TUWF 1.0Yorhel1-1/+1
2014-10-16Set httponly flag on auth cookieYorhel1-1/+1
2014-10-16Hash session tokens with SHA-1 when storing in DBYorhel1-19/+21
2014-10-15Use scrypt for new password hashesYorhel1-3/+27
2014-10-15Auth: Use a proper CSPRNG for generating salt and tokensYorhel1-6/+10
2014-10-15SQL: Merge users.(passwd|salt) in one column + document valuesYorhel1-26/+17
2014-08-29API: Make sure to honor the new login throttleYorhel1-1/+1
2014-08-29Strengthen formcode for non-logged-in visitors + CSRF protect login formYorhel1-1/+1
2011-08-23Re-structured password recovery featureYorhel1-3/+27
2011-08-22Removed support for pre-2.6 passwordsYorhel1-9/+1
2011-04-30Replaced user ranks with a permission systemYorhel1-3/+2
2011-01-27TUWF: Replaced resHeader('Set-Cookie', ..) with resCookie()Yorhel1-13/+5
2011-01-27TUWF: Made use of the new cookie_prefix featureYorhel1-2/+2
2011-01-25TUWF: Initial convert from YAWF to TUWFYorhel1-1/+1
2010-12-23Store l10n preference in the database for logged-in usersYorhel1-0/+4
2010-12-23Converted the notify_announce and notify_dbedit preferencesYorhel1-4/+5
2010-12-23Added users_prefs table and removed users.(skin|customcss)Yorhel1-2/+10
2010-11-06Fixed cross-site request forgery vulnerabilitiesYorhel1-1/+55
2010-11-02Prefix all cookies with a configurable cookie_prefixYorhel1-4/+4
2010-03-14Made name of the auth cookie configurableYorhel1-4/+4
2010-01-26SQL: Replaced sessions.expiration with sessions.addedYorhel1-3/+2
2010-01-26Keep track of when a session has last been usedYorhel1-0/+2
2010-01-26Made a start on the notification systemYorhel1-2/+2
2009-11-27Util::Auth: Fixed 500 on invalid cookie formatYorhel1-1/+1
2009-11-15Auth: Combined dbSessionCheck into dbUserGetYorhel1-2/+2
2009-10-10Greatly reduced default number of columns returned by dbUserGetYorhel1-2/+2
2009-10-10Get unread posts count in htmlHeader() instead of Util::AuthYorhel1-2/+2
2009-08-17L10N: Converted user ranks and language namesYorhel1-1/+1
2009-08-08Improved handling of the timestamp columns in anime and session tablesYorhel1-1/+1
2009-07-31Fetch hex hashes from dbUserGet() and do comparison in hexYorhel1-9/+7
2009-07-31Added encode_utf8() on $salt and $pass in _authEncryptPass()Yorhel1-3/+5
2009-07-30Util::Auth: check cookie for sanity and delete incorrect cookiesYorhel1-5/+14
2009-07-30Merge branch 'auth' of git://3decibels.net/vndb into betaYorhel1-23/+63
2009-07-29Changed sessions.expiration column to timestamp3dB1-1/+1
2009-07-29Cleanup of Util/Auth.pm3dB1-13/+7
2009-07-28Rewrote cookie experation string generation to use POSIX::strftime3dB1-5/+3
2009-07-28Removed Crypt::Lite dependency3dB1-11/+8
2009-07-28Multiple bugfixes to authorization system & sql tweaks3dB1-11/+12
2009-07-28Replaced _authGenerateSalt with a better one-liner.3dB1-21/+7
2009-07-27Committing initial modification of authorization module.3dB1-21/+74
2009-07-23Created subroutine to genrate password salts3dB1-0/+11